I was just setting up a Gallery install for one of my sites, and when testing the install of ImageMagick (something you have to do before you can use it in the install) I got this rather worrying message:
Warning: This version of ImageMagick has known vulnerabilities that could be exploited to execute arbitrary commands or cause a denial of service (references: 1, 2, 3, 4). You may wish to upgrade. This determination may be inaccurate for ImageMagick packages in Linux distributions.
This is the standard /usr/bin installation. Sure I can always compile and run my own copy on my own space, but if that’s the version dreamhost is offering by default, and it’s known to be insecure, should they even be offering it?
Do they even know about this?
hi2u signature (mental powers of funny are lacking tonight, so no amusing sig for yuo!)